One of 2017’s least helpful trends, for pretty much any definition of helpful, was the rise of so-called “cryptojacking” extensions and scripts. There was some hope, early on, that mining a cryptocurrency in one’s web browser while surfing a site could represent a better method of generating income than the eternal war between ad blockers and websites (a battle neither side wins, nor is necessarily even pleased with). But that fragile hope has been dashed. Cryptojacking, the use of drive-by cryptocurrency mining scripts embedded in websites to burn CPU cycles and power of visiting users without their consent, had already become popular last year. It’s apparently reached such proportions that now even Google is taking a hand to stop it.
According to a new post at the Chromium Blog, cryptocurrency miners will no longer be allowed on the platform. In the past, Google did allow such use, provided that the extension was deployed solely for mining and this information was disclosed to the user up-front. “Unfortunately,” writes James Wagner, the company’s extensions platform product manager, “approximately 90 percent of all extensions with mining scripts that developers have attempted to upload to Chrome Web Store have failed to comply with these policies, and have been either rejected or removed from the store.”
Starting today, the Chrome Web Store will no longer accept cryptocurrency mining extensions. Existing extensions that were previously approved will be stripped in late June. Extensions that perform other tasks or are related to the blockchain in a fashion other than mining will continue to work normally.
Google, it seems, is a bit unhappy with how this experiment in permissiveness turned out. That might have something to do with news that surfaced some months ago, about popular extensions being sold to individuals who then updated them with cryptocurrency miners, hoping that end users would never be the wiser. That kind of end run around user intent is about as hostile as you can get.
It was never clear if there was a realistic path to cryptocurrency mining as a way to funnel cash to legitimate websites. Fundamental issues, like the impact on system power consumption, battery life, and the very real difficulty of trying to create some kind of equitable framework for assigning mining work across multiple browsers and sites hadn’t been solved. The best-case might have been a third-party tool that would distribute mining earnings to a site or series of sites, but this would’ve also made it trickier for sites to know which users and donators were associated with which accounts.
None of these problems were insurmountable. But with Google bringing down the banhammer — and to be clear, we agree with its decision, given the user-hostile nature of cryptojacking — we won’t be finding out anytime soon.
Western Digital’s My Cloud Storage Devices Have Hard-Coded Backdoor
Western Digital's My Cloud network attached storage (NAS) devices claim to offer an easy, all-in-one solution for storing your data at home. However, they might also be providing an easy, all-in-one solution for hackers to steal your data take control of your device.
New macOS Security Bug Unlocks App Store With Any Password
Apple's macOS High Sierra has a flaw in the latest version that allows admin users to bypass a locked app store by entering any password they like.
Trump’s Executive Orders Boosting Rural Broadband Won’t Stop FCC Sabotage
President Trump has issued a pair of executive orders aimed at helping rural Americans receive broadband service, but his instructions will only apply to a relatively small number of people and could make the actual problem worse.
21 States Sue to Stop Net Neutrality Rollback
Twenty-one states and the District of Columbia have requested a review of the FCC's decision to dismantle net neutrality. Meanwhile, 50 Senators have agreed to vote against the FCC's decision — but House support and a potential Trump veto loom large.